Scan Report
Created by ORT, the OSS Review Toolkit, version cc543c9380-dirty on 2023-03-03T22:49:16.633728406Z.

Project

Scanned revision 5ec5a2425d6a8da34b7644c8ff50a3edf3673267 of Git repository https://gitlab.eclipse.org/eclipse/technology/dash/eclipse-api-for-java.git

Index

Rule Violation Summary (14 errors, 8 warnings, 5 hints to resolve)

# Rule Package License Message
1 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13 DECLARED: EPL-1.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
2 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13 DETECTED: EPL-1.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-1.0 of its dependency 'Maven:junit:junit:4.13'. Software under a copyleft license such as the EPL-1.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
3 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13 DETECTED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:junit:junit:4.13'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:junit:junit:4.13' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
4 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.glassfish:jakarta.json:2.0.0 DECLARED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.glassfish:jakarta.json:2.0.0'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.glassfish:jakarta.json:2.0.0' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
5 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.glassfish:jakarta.json:2.0.0 DECLARED: GPL-2.0-only WITH Classpath-exception-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license GPL-2.0-only (simplified from 'GPL-2.0-only WITH Classpath-exception-2.0') of its dependency 'Maven:org.glassfish:jakarta.json:2.0.0'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.glassfish:jakarta.json:2.0.0' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
6 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.glassfish:jakarta.json:2.0.0 DECLARED: GPL-2.0-only WITH Classpath-exception-2.0

The outbound license EPL-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license GPL-2.0-only (simplified from 'GPL-2.0-only WITH Classpath-exception-2.0') of its dependency 'Maven:org.glassfish:jakarta.json:2.0.0'. Software under a copyleft license such as the GPL-2.0-only license normally cannot be redistributed under another copyleft license such as the EPL-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.glassfish:jakarta.json:2.0.0' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
7 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.jupiter:junit-jupiter-api:5.7.1 DECLARED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.jupiter:junit-jupiter-api:5.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.jupiter:junit-jupiter-api:5.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
8 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.jupiter:junit-jupiter-engine:5.7.1 DECLARED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.jupiter:junit-jupiter-engine:5.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.jupiter:junit-jupiter-engine:5.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
9 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-commons:1.7.1 DECLARED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.platform:junit-platform-commons:1.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.platform:junit-platform-commons:1.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
10 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-engine:1.7.1 DECLARED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.platform:junit-platform-engine:1.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.platform:junit-platform-engine:1.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
11 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-launcher:1.7.1 DECLARED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.platform:junit-platform-launcher:1.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.platform:junit-platform-launcher:1.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
12 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-runner:1.7.1 CONCLUDED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.platform:junit-platform-runner:1.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.platform:junit-platform-runner:1.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
13 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-suite-api:1.7.1 DECLARED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.platform:junit-platform-suite-api:1.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.platform:junit-platform-suite-api:1.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
14 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-suite-api:1.7.1 DETECTED: EPL-2.0

The outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is incompatible with the inbound license EPL-2.0 of its dependency 'Maven:org.junit.platform:junit-platform-suite-api:1.7.1'. Software under a copyleft license such as the EPL-2.0 license normally cannot be redistributed under a non-copyleft license such as the Apache-2.0 license, except if it were explicitly permitted in the licenses.

How to fix

Remove the dependency on 'Maven:org.junit.platform:junit-platform-suite-api:1.7.1' or put 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' under a different license.
15 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13 DETECTED: NOASSERTION

It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:junit:junit:4.13'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
16 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:junit:junit:4.13 DETECTED: NOASSERTION

It is unknown whether the outbound license EPL-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:junit:junit:4.13'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
17 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-suite-api:1.7.1 DETECTED: NOASSERTION

It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:org.junit.platform:junit-platform-suite-api:1.7.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
18 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.junit.platform:junit-platform-suite-api:1.7.1 DETECTED: NOASSERTION

It is unknown whether the outbound license EPL-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:org.junit.platform:junit-platform-suite-api:1.7.1'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
19 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.opentest4j:opentest4j:1.2.0 DETECTED: LicenseRef-scancode-commercial-license

It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-commercial-license of its dependency 'Maven:org.opentest4j:opentest4j:1.2.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
20 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.opentest4j:opentest4j:1.2.0 DETECTED: LicenseRef-scancode-commercial-license

It is unknown whether the outbound license EPL-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license LicenseRef-scancode-commercial-license of its dependency 'Maven:org.opentest4j:opentest4j:1.2.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
21 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.opentest4j:opentest4j:1.2.0 DETECTED: NOASSERTION

It is unknown whether the outbound license Apache-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:org.opentest4j:opentest4j:1.2.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
22 OSADL_PROJECT_LICENSE_COMPATIBILITY Maven:org.opentest4j:opentest4j:1.2.0 DETECTED: NOASSERTION

It is unknown whether the outbound license EPL-2.0 of project 'Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT' is compatible with the inbound license NOASSERTION of its dependency 'Maven:org.opentest4j:opentest4j:1.2.0'. This combination of licenses is not covered by the compliance matrix.

How to fix

Get legal advice and eventually create a (global) rule violation resolution.
23 DEPENDENCY_LICENSE_CHECK Maven:junit:junit:4.13 DETECTED: NOASSERTION

License NOASSERTION of dependency 'Maven:junit:junit:4.13' is unclassified.

How to fix

Classify NOASSERTION as either approved or restricted.
24 DEPENDENCY_LICENSE_CHECK Maven:org.glassfish:jakarta.json:2.0.0 DECLARED: GPL-2.0-only WITH Classpath-exception-2.0

License GPL-2.0-only WITH Classpath-exception-2.0 of dependency 'Maven:org.glassfish:jakarta.json:2.0.0' is unclassified.

How to fix

Classify GPL-2.0-only WITH Classpath-exception-2.0 as either approved or restricted.
25 DEPENDENCY_LICENSE_CHECK Maven:org.junit.platform:junit-platform-suite-api:1.7.1 DETECTED: NOASSERTION

License NOASSERTION of dependency 'Maven:org.junit.platform:junit-platform-suite-api:1.7.1' is unclassified.

How to fix

Classify NOASSERTION as either approved or restricted.
26 DEPENDENCY_LICENSE_CHECK Maven:org.opentest4j:opentest4j:1.2.0 DETECTED: LicenseRef-scancode-commercial-license

License LicenseRef-scancode-commercial-license of dependency 'Maven:org.opentest4j:opentest4j:1.2.0' is unclassified.

How to fix

Classify LicenseRef-scancode-commercial-license as either approved or restricted.
27 DEPENDENCY_LICENSE_CHECK Maven:org.opentest4j:opentest4j:1.2.0 DETECTED: NOASSERTION

License NOASSERTION of dependency 'Maven:org.opentest4j:opentest4j:1.2.0' is unclassified.

How to fix

Classify NOASSERTION as either approved or restricted.

Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT (pom.xml)

VCS Information

Type Git
URL https://gitlab.eclipse.org/eclipse/technology/dash/eclipse-api-for-java.git
Path
Revision 5ec5a2425d6a8da34b7644c8ff50a3edf3673267

Packages

# Package Scopes Licenses Analyzer Issues Scanner Issues
1 Maven:org.eclipse.dash:eclipse-api-for-java:0.0.1-SNAPSHOT Detected Licenses (from VCS):
Effective License:
      2 Maven:junit:junit:4.13
      • test
      		 Declared Licenses:
      Detected Licenses (from VCS):
      Apache-2.0 (exemplary link to the first of 4 locations)
      EPL-1.0 (exemplary link to the first of 5 locations)
      EPL-2.0 (link to the location)
      NOASSERTION (link to the location)
      Effective License:
      Apache-2.0 AND EPL-1.0 AND EPL-2.0 AND NOASSERTION
          3 Maven:org.apiguardian:apiguardian-api:1.1.0
          • test
          		 Declared Licenses:
          Detected Licenses (from VCS):
          Apache-2.0 (exemplary link to the first of 5 locations)
          Effective License:
              4 Maven:org.glassfish:jakarta.json:2.0.0
              • compile
              		 Declared Licenses:
              Effective License:
                  5 Maven:org.hamcrest:hamcrest-core:1.3
                  • test
                  		 Concluded License:
                  Declared Licenses:
                  Effective License:
                      6 Maven:org.junit.jupiter:junit-jupiter-api:5.7.1
                      • test
                      		 Declared Licenses:
                      Effective License:
                          7 Maven:org.junit.jupiter:junit-jupiter-engine:5.7.1
                          • test
                          		 Declared Licenses:
                          Effective License:
                              8 Maven:org.junit.platform:junit-platform-commons:1.7.1
                              • test
                              		 Declared Licenses:
                              Effective License:
                                  9 Maven:org.junit.platform:junit-platform-engine:1.7.1
                                  • test
                                  		 Declared Licenses:
                                  Effective License:
                                      10 Maven:org.junit.platform:junit-platform-launcher:1.7.1
                                      • test
                                      		 Declared Licenses:
                                      Effective License:
                                          11 Maven:org.junit.platform:junit-platform-runner:1.7.1
                                          • test
                                          		 Concluded License:
                                          Declared Licenses:
                                          Effective License:
                                              12 Maven:org.junit.platform:junit-platform-suite-api:1.7.1
                                              • test
                                              		 Declared Licenses:
                                              Detected Licenses (from artifact):
                                              Apache-2.0 (link to the location)
                                              EPL-2.0 (exemplary link to the first of 14 locations)
                                              NOASSERTION (link to the location)
                                              Effective License:
                                              Apache-2.0 AND EPL-2.0 AND NOASSERTION
                                                  13 Maven:org.opentest4j:opentest4j:1.2.0
                                                  • test
                                                  		 Declared Licenses:
                                                  Detected Licenses (from VCS):
                                                  Apache-2.0 (exemplary link to the first of 17 locations)
                                                  LicenseRef-scancode-commercial-license (exemplary link to the first of 2 locations)
                                                  NOASSERTION (exemplary link to the first of 2 locations)
                                                  Effective License:
                                                  Apache-2.0 AND LicenseRef-scancode-commercial-license AND NOASSERTION
                                                      14 Maven:org.slf4j:slf4j-api:1.7.36
                                                      • compile
                                                      		 Declared Licenses:
                                                      Detected Licenses (from artifact):
                                                      MIT (exemplary link to the first of 27 locations)
                                                      Effective License:
                                                          15 Maven:org.slf4j:slf4j-simple:1.7.36
                                                          • compile
                                                          		 Declared Licenses:
                                                          Detected Licenses (from artifact):
                                                          MIT (exemplary link to the first of 5 locations)
                                                          Effective License:

                                                              Repository Configuration

                                                              
---
excludes:
  paths:
  - pattern: "**/META-INF/DEPENDENCIES"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/META-INF/NOTICE*"
    reason: "BUILD_TOOL_OF"
    comment: "Licenses contained in this directory reflect content analysed elsewhere."
  - pattern: "**/*.svg"
    reason: "BUILD_TOOL_OF"
    comment: "SVG files do not contain any license information."
  - pattern: "package-lock.json"
    reason: "BUILD_TOOL_OF"
    comment: "Does not contain any license information."